@solana/kit No license 18 versions

@solana/kit

npm Repository Homepage

18

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

solana-devs

Keywords

blockchainsolanaweb3

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
typosquat	typosquat.levenshtein:koa	AI (typosquat): @solana/kit is the official Solana SDK under the @solana scope; not a typosquat of koa. Scoped package comparison is a false positive.	ai	2026/04/25
typosquat	typosquat.levenshtein:vite	AI (typosquat): @solana/kit is the official Solana SDK under the @solana scope; not a typosquat of vite. Scoped package comparison is a false positive.	ai	2026/04/25
typosquat	typosquat.levenshtein:got	AI (typosquat): @solana/kit is the official Solana SDK under the @solana scope; not a typosquat of got. Scoped package comparison is a false positive.	ai	2026/04/25
semgrep	semgrep:shady-links-raw-ip	AI (semgrep): 127.0.0.1:8899 is the standard Solana local validator address, used only in JSDoc documentation examples. Not a malicious raw IP.	ai	2026/04/25
phantom-deps	phantom-dep:@solana/rpc-api	AI (phantom-deps): Umbrella/barrel package re-exports from sibling @solana/* packages; direct import not required in source.	ai	2026/04/25
phantom-deps	phantom-dep:@solana/sysvars	AI (phantom-deps): Umbrella/barrel package re-exports from sibling @solana/* packages; direct import not required in source.	ai	2026/04/25

Versions (showing 18 of 18)

Version	Deps	Published
6.9.0	25 / 0	2026-05-06
6.8.0	25 / 0	2026-04-10
6.7.0	24 / 0	2026-04-02
6.6.0	24 / 0	2026-04-01
6.5.0	24 / 0	2026-03-19
6.4.0	24 / 0	2026-03-18
6.3.1	24 / 0	2026-03-12
6.3.0	24 / 0	2026-03-11
6.2.0	24 / 0	2026-03-09
6.1.0	24 / 0	2026-02-16
6.0.1	22 / 0	2026-02-05
6.0.0	22 / 0	2026-02-04
5.5.1	22 / 0	2026-01-28
5.5.0	22 / 0	2026-01-27
5.4.0	22 / 0	2026-01-13
5.3.0	22 / 0	2026-01-07
5.2.0	22 / 0	2026-01-07
5.1.0	20 / 0	2025-12-12

v6.9.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.8.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.7.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.6.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.5.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.4.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.3.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.3.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.2.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.1.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.0.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v6.0.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v5.5.1

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v5.5.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v5.4.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v5.3.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v5.2.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v5.1.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.